def gen_sym_key(ekid, new_kid=None, iv=None, k=None): out = {'kid': ekid, 'cty': 'b5+jwk+json'} if new_kid != None: kid = new_kid else: kid = gen_uuid() if k != None: new_key = k else: new_key = get_random_bytes(32) key_dat = { 'alg': 'A256GCM', 'ext': True, 'key_ops': ['decrypt', 'encrypt'], 'kty': 'oct', 'kid': kid } key_dat['k'] = optestlib.opb64e(new_key) key_dat_str = json.dumps(key_dat) optestlib.p_str("New symmetric key", json.dumps(key_dat, indent=4)) sym_keys[kid] = new_key if ekid == 'mp': # sym_keys['mk'] = new_key optestlib.p_debug('\n*** Encrypting sym key with AES kid %s' % ekid) iv, ct = optestlib.enc_aes_gcm(key_dat_str, sym_keys[ekid], iv=iv) optestlib.p_data('IV', iv, dump=False) optestlib.p_data('KEY', sym_keys[ekid], dump=False) optestlib.p_data('Ciphertext', ct, dump=False) out['iv'] = optestlib.opb64e(iv) out['data'] = optestlib.opb64e(ct) out['enc'] = 'A256GCM' else: # only the primary sym_key is itself AES encrypted, rest by RSA optestlib.p_debug('\n*** Encrypting sym key with RSA kid %s\n' % ekid) jwkj = '{"keys": [%s]}' % json.dumps(pub_keys[ekid]) jwk = load_jwks(jwkj)[0] optestlib.p_str('Public key e:', jwk.e) optestlib.p_str('Public key n:', jwk.n) RSA_Key = RSA.construct((jwk.n, jwk.e)) C = PKCS1_OAEP.new(RSA_Key) ct = C.encrypt(key_dat_str) out['enc'] = 'RSA-OAEP' out['data'] = optestlib.opb64e(ct) optestlib.p_debug('') optestlib.p_data('RSA-OAEP ciphertext', ct, dump=False) return kid, out
def gen_emk(): global sym_keys optestlib.p_debug('\n** Generating Encrypted Master Key (EMK) block') win_mk = read_default('win_mk') or get_random_bytes(32) sym_keys['win-mk'] = win_mk win_mk_hmac = read_default('win_mk_hmac') or get_random_bytes(32) sym_keys['win-mk-hmac'] = win_mk_hmac optestlib.p_data('New MK', win_mk) optestlib.p_data('New MK HMAC Key', win_mk_hmac) emk_salt = read_default('emk_salt') or get_random_bytes(emk_slen) raw_derived_key = hashlib.pbkdf2_hmac('sha512', MasterPassword, emk_salt, emk_iter, 64) enc_key = raw_derived_key[0:32] enc_hmac_key = raw_derived_key[32:64] optestlib.p_data('MP-derived key', enc_key) optestlib.p_data('MP-derived HMAC key', enc_hmac_key) iv = read_default('win_emk_iv') padding = read_default('win_emk_padding') op_msg = optestlib.encrypt_opdata(win_mk + win_mk_hmac, enc_key, enc_hmac_key, iv=iv, padding=padding) emk = struct.pack('<I', emk_iter) # iterations emk += struct.pack('<I', emk_slen) # salt length emk += emk_salt emk += struct.pack('<I', len(op_msg)) emk += op_msg optestlib.p_data('Final EMK block', emk) return optestlib.opb64e(emk)
def gen_rsa_key(ekid, pub=None, priv=None): if priv == None: new_priv = RSA.generate(2048) jwk_priv = RSAKey(key=new_priv).to_dict() iv = None else: iv = optestlib.opb64d(priv['iv']) jwk_priv = priv['key'] if pub == None: new_pub = new_priv.publickey() jwk_pub = RSAKey(key=new_pub).to_dict() else: jwk_pub = pub jwk_priv['alg'] = 'RSA-OAEP' jwk_priv['key_ops'] = ['decrypt'] jwk_priv['kid'] = ekid jwk_pub['key_ops'] = ['encrypt'] jwk_pub['alg'] = 'RSA-OAEP' jwk_pub['ext'] = True jwk_pub['kid'] = ekid optestlib.p_str("New Private key", json.dumps(jwk_priv, indent=4)) pri_keys[ekid] = jwk_priv pub_keys[ekid] = jwk_pub key_dat_str = json.dumps(jwk_priv) optestlib.p_debug('\n*** Encrypting pri key with AES kid %s' % ekid) iv, ct = optestlib.enc_aes_gcm(key_dat_str, sym_keys[ekid], iv=iv) optestlib.p_data('IV', iv, dump=False) optestlib.p_data('KEY', sym_keys[ekid], dump=False) optestlib.p_data('Ciphertext', ct, dump=False) priv_out = { 'kid': ekid, 'cty': 'b5+jwk+json', 'enc': 'A256GCM', 'data': optestlib.opb64e(ct), 'iv': optestlib.opb64e(iv) } optestlib.p_str("New Public key", json.dumps(jwk_pub, indent=4)) return jwk_pub, priv_out
def gen_old_vault_data(): out = {} m_key = sym_keys['opv-mk'] m_hmac = sym_keys['opv-mk-hmac'] o_key = sym_keys['opv-ok'] o_hmac = sym_keys['opv-ok-hmac'] o_data = '{"title":"Vault entry for local private vaults","url":"www.example.com","ainfo":"-","ps":75}' o_data_enc = optestlib.encrypt_opdata(o_data, o_key, o_hmac) out['overview_data'] = optestlib.opb64e(o_data_enc) ik_iv = read_default('priv_vault_data.ik_iv') or get_random_bytes(16) ik_key = read_default('priv_vault_data.ik_key') or get_random_bytes(32) ik_hmac = read_default('priv_vault_data.ik_hmac') or get_random_bytes(32) ik_padding = read_default('priv_vault_data.ik_padding') optestlib.p_data('Item key IV', ik_iv) optestlib.p_data('Item key', ik_key) optestlib.p_data('Item HMAC key', ik_hmac) item_key_data = optestlib.encrypt_tag_cbc(ik_key + ik_hmac, ik_iv, m_key, m_hmac) check = optestlib.decrypt_verify_cbc(item_key_data, m_key, m_hmac) out['key_data'] = optestlib.opb64e(item_key_data) item_data = '{"fields": [ { "id": "OldPassword;opid=__2", "name": "OldPassword", "type": "P", "value": "notagoodpassword" }, { "designation": "password", "id": "NewPassword;opid=__3", "name": "NewPassword", "type": "P", "value": "OldSk00lRulzFTW!" } ] }' item_data_enc = optestlib.encrypt_opdata(item_data, ik_key, ik_hmac, iv=ik_iv, padding=ik_padding) out['data'] = optestlib.opb64e(item_data_enc) return out
iterations = int(iterations) salt = optestlib.get_binary(" Enter the salt (hex or base64 encoded): ") enc_master_key_data = optestlib.get_binary( " Enter master_key_data (hex or base64): ") enc_overview_key_data = optestlib.get_binary( " Enter overview_key_data (hex or base64): ") mk, mk_hmac, ok, ok_hmac = optestlib.get_local_vault_keys( password, salt, enc_master_key_data, enc_overview_key_data) print "\n* Derived/Decrypted/Derived Vault Keys" optestlib.p_data('Master Key', mk, dump=False) optestlib.p_data('Master HMAC Key', mk_hmac, dump=False) optestlib.p_data('Overview Key', ok, dump=False) optestlib.p_data('Overview HMAC Key', ok_hmac, dump=False) print "\n(Base-64 versions for convenience:" optestlib.p_str('Master key', optestlib.opb64e(mk)) optestlib.p_str('Master HMAC key', optestlib.opb64e(mk_hmac)) optestlib.p_str('Overview key', optestlib.opb64e(ok)) optestlib.p_str('Overview HMAC key', optestlib.opb64e(ok_hmac)) enc_login_data = optestlib.get_binary( "\nEnter encrypted login data (from accounts table) (hex / base64): ") PT = optestlib.decrypt_opdata(enc_login_data, mk, mk_hmac)
m_hmac = optestlib.get_binary( "Enter master HMAC key (base-64 or hex encoded): ") o_key = optestlib.get_binary( "Enter overview encryption key (base-64 or hex encoded): ") o_hmac = optestlib.get_binary( "Enter master HMAC key (base-64 or hex encoded): ") o_data = optestlib.get_binary('Enter overview data (base-64 or hex): ') i_key_data_enc = optestlib.get_binary('Enter item key data (base-64 or hex): ') i_data = optestlib.get_binary('Enter item detail data (base-64 or hex): ') print "\n* Decrypting item overview\n" o_pt = optestlib.decrypt_opdata(o_data, o_key, o_hmac) optestlib.p_str('Item Overview', o_pt) print "\n* Decrypting item keys\n" i_key_data = optestlib.decrypt_verify_cbc(i_key_data_enc, m_key, m_hmac) i_key = i_key_data[0:32] i_hmac = i_key_data[32:] optestlib.p_data('Item Key', i_key) optestlib.p_data('Item HMAC', i_hmac) print "\n* Decrypting item details\n" i_pt = optestlib.decrypt_opdata(i_data, i_key, i_hmac) optestlib.p_str('Item Details', o_pt)
# # David Schuetz # November 2018 # # https://github.com/dschuetz/1password # # Given EMK blob from Windows "1Password10.sqlite" database, # and user's primary account Master Password, # decrypts EMK blob to produce master encryption and HMAC keys # import optestlib bin_emk = optestlib.get_binary( 'Enter EMK data (from config table) in base-64 or hex: ') password = raw_input("\nEnter the master password: ") PT = optestlib.decrypt_emk(bin_emk, password) enc_key = PT[0:32] hmac_key = PT[32:] optestlib.p_data('Master Enc Key', enc_key) optestlib.p_str('(base-64)', optestlib.opb64e(enc_key)) optestlib.p_data('Master HMAC Key', hmac_key) optestlib.p_str('(base-64)', optestlib.opb64e(hmac_key)) optestlib.p_str('Enc+HMAC together', optestlib.opb64e(enc_key + hmac_key))